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TECHNICAL FIELD 

This invention relates generally to cryptography and, more particularly, to 
methods and arrangements that allow signature generating devices to provide 
encryption-based authentication services within a computing environment. 

BACKGROUND 

Cryptography is commonly employed to authenticate data, encode data, or 
encrypt/decrypt data in a manner that allows the data to be stored , accessed and/or 
transmitted in a controlled/secure manner. Cryptography is becoming more and 
more popular as computers and networks increase in number, size and complexity. 

One basic form of cryptography is asymmetric encryption, which uses 
public-key encryption algorithms. Public-key algorithms typically employ two 
different keys (known as a key pair), namely, a public key and a private key. 
These two keys are typically derived from extremely large prime numbers making 
them mathematically related. However, it is practically impossible to derive one 
key from the other. As suggested by their names, the public key is made public, 
while the private key is kept private. Information (i.e., data) that is encrypted with 
either one of the keys can only be decrypted with the other one of the keys. Thus, 
for example, data encrypted with the private key can only be decrypted with the 
public key, and vice versa. 

Since, public-key algorithms can be somewhat slow, particularly when 
encrypting large amounts of data, a digital signature can be used instead to 
digitally sign the data. A digital signature can be produced by passing the data 
through a specific one-way hashing algorithm. The hashing algorithm produces a 
much smaller message digest. As a result of the hashing algorithm, the message 
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digest is a unique value that can essentially act as a "fingerprint" for the larger 
data file. Once a message digest is created, it can be encrypted, for example, 
using the private key and attached to the larger data file when it is sent or 
otherwise provided. 

One problem associated with such cryptography techniques is that a third 
party might attempt to masquerade as one of the communicating parties, for 
example, by fraudulently holding out a public key that is represented to be one of 
the communicating parties public keys. Any messages or hashes that are intended 
for the communicating party and encrypted with the fraudulent public key could 
conceivably be decrypted with the accompanying private key by the third party. 

To address this problem and others, a digital certificate can be employed by 
the communicating parties. A digital certificate is a credential issued by a trusted 
organization or entity called a certification authority (CA), such as, for example, 
Verisign, Inc. This credential typically contains a public key and data that 
identifies the certificate's subject (i.e., the applicable communicating party). A 
certificate is usually issued by a CA only after the CA has verified the certificate's 
subject's identity and has confirmed that the public key included with the 
certificate belongs to that subject. The certificate may also include a digest of the 
certificate's contents that is signed with the private key of the CA to ensure that 
the certificate has not been altered or forged. 

To further the mobility of users, portable devices, such as, for example, 
smart cards, can be used to authenticate that a user is allowed to access various 
resources or information. While some smart cards are configured to provide 
asymmetric encryption, other smart cards are limited, for example, by export 
regulations, to only provide digital signatures. In certain situations, therefore, 
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smart cards that are limited to providing digital signatures are unable to support 
the necessary encryption-based authentication processes. Consequently, there is a 
need for improved methods and arrangements that can be implemented to allow 
signature-generating devices to support encryption-based authentication processes. 

SUMMARY 

The present invention provides improved methods and arrangements that 
can be implemented to allow signature-generating devices to support encryption- 
based authentication processes. 

In accordance with certain aspects of the present invention, the methods 
and arrangements allow a signature-generating device to support an encryption- 
based authentication process. In certain methods, for example, a smart card or like 
device is configured to interface with a computer. The computer can be 
configured to generate a key based on a digital signature and at least one random 
value, for example, by hashing a digital signature produced by the smart card 
along with a concatenated random number. The resulting key can then be used by 
the computer to selectively encrypt data. During a subsequent use, for example, 
the smart card is required to once again digitally sign the random number to 
produce a corresponding digital signature. The computer then uses the digital 
signature to compute a key, which is then used to decrypt the previously encrypted 
data. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

A more complete understanding of the various methods and arrangements 
of the present invention may be had by reference to the following detailed 
description when taken in conjunction with the accompanying drawings wherein: 

Fig. 1 is a block diagram depicting a computing environment including a 
computer and a smart card. 

Fig. 2 is a block diagram of an exemplary implementation of a smart card. 

Fig. 3 is a flow-chart depicting an exemplary initial set-up process. 

Fig. 4 is a flow-chart depicting an exemplary authentication process. 

DETAILED DESCRIPTION 

Fig. 1 is an illustrative block diagram depicting a general example of a 
computer 130. Various numbers of computers such as that shown can be used in 
the context of a distributed computing environment. 

Computer 130 includes one or more processors or processing units 132, a 
system memory 134, and a bus 136 that couples various system components 
including the system memory 134 to processors 132. The bus 136 represents one 
or more of any of several types of bus structures, including a memory bus or 
memory controller, a peripheral bus, an accelerated graphics port, and a processor 
or local bus using any of a variety of bus architectures. The system memory 134 
includes read only memory (ROM) 138 and random access memory (RAM) 140. 
A basic input/output system (BIOS) 142, containing the basic routines that help to 
transfer information between elements within computer 130, such as during start- 
up, is stored in ROM 138. 



Lee & Hayes, PLLC 



4 



MS1-505US.PAT.APP.DOC 



Computer 130 further includes a hard disk drive 144 for reading from and 
writing to a hard disk (not shown), a magnetic disk drive 146 for reading from and 
writing to a removable magnetic disk 148, and an optical disk drive 150 for 
reading from or writing to a removable optical disk 152 such as a CD ROM or 
other optical media. The hard disk drive 144, magnetic disk drive 146, and optical 
disk drive 150 are connected to the bus 136 by an SCSI interface 154 or some 
other appropriate interface. The drives and their associated computer-readable 
media provide nonvolatile storage of computer-readable instructions, data 
structures, program modules and other data for computer 130. Although the 
exemplary environment described herein employs a hard disk, a removable 
magnetic disk 148 and a removable optical disk 152, it should be appreciated by 
those skilled in the art that other types of computer-readable media which can 
store data that is accessible by a computer, such as magnetic cassettes, flash 
memory cards, digital video disks, random access memories (RAMs), read only 
memories (ROMs), and the like, may also be used in the exemplary operating 
environment. 

A number of program modules may be stored on the hard disk 144, 
magnetic disk 148, optical disk 152, ROM 138, or RAM 140, including an 
operating system 158, one or more application programs 160, other program 
modules 162, and program data 164. A user may enter commands and 
information into computer 130 through input devices such as a keyboard 166 and a 
pointing device 168. Other input devices (not shown) may include a microphone, 
joystick, game pad, satellite dish, scanner, or the like. These and other input 
devices are connected to the processing unit 132 through an interface 170 that is 
coupled to the bus 136. A monitor 172 or other type of display device is also 
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connected to the bus 136 via an interface, such as a video adapter 174. In addition 
to the monitor, personal computers typically include other peripheral output 
devices (not shown) such as speakers and printers. 

Computer 130 commonly operates in a networked environment using 
logical connections to one or more remote computers, such as a remote computer 
176. The remote computer 176 may be another personal computer, a server, a 
router, a network PC, a peer device or other common network node, and typically 
includes many or all of the elements described above relative to computer 130, 
although only a memory storage device 178 has been illustrated in Fig. 8. The 
logical connections depicted in Fig. 8 include a local area network (LAN) 180 and 
a wide area network (WAN) 182. Such networking environments are 
commonplace in offices, enterprise-wide computer networks, intranets, and the 
Intemet. 

When used in a LAN networking environment, computer 130 is connected 
to the local network 180 through a network interface or adapter 184. When used 
in a WAN networking environment, computer 130 typically includes a modem 186 
or other means for establishing communications over the wide area network 182, 
such as the Intemet. The modem 186, which may be internal or extemal, is 
connected to the bus 136 via a serial port interface 156. In a networked 
environment, program modules depicted relative to the personal computer 130, or 
portions thereof, may be stored in the remote memory storage device. It will be 
appreciated that the network connections shown are exemplary and other means of 
establishing a communications link between the computers may be used. 

Generally, the data processors of computer 130 are programmed by means 
of instructions stored at different times in the various computer-readable storage 
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media of the computer. Programs and operating systems are typically distributed, 
for example, on floppy disks or CD-ROMs. From there, they are installed or 
loaded into the secondary memory of a computer. At execution, they are loaded at 
least partially into the computer's primary electronic memory. The invention 
described herein includes these and other various types of computer-readable 
storage media when such media contain instructions or programs for implementing 
the steps described below in conjunction with a microprocessor or other data 
processor. The invention also includes the computer itself when programmed 
according to the methods and techniques described below. 

For purposes of illustration, programs and other executable program 
components such as the operating system are illustrated herein as discrete blocks, 
although it is recognized that such programs and components reside at various 
times in different storage components of the computer, and are executed by the 
data processor(s) of the computer. 

To support the portability of tokens and the associated cryptographic 
functions that support application programs 160, computer 130 further includes at 
least one portable token interface. For example, magnetic disk 148 or optical disk 
152 may be considered a token carrier or device when encoded with applicable 
token data/instructions. More likely, however, in the future, the portable token 
interface will include the coupling of additional hardware to computer 130. Thus, 
for example, a smart card reader 200 may be connected to bus 136 through a port 
such as serial port 156, as depicted. Smart card reader 200 is supported by 
application programs and/or other modules similar to other input/output devices. 
Smart card reader 200 is configured to receive a smart card 202 and to provide the 
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operative coupling of smart card 202 to processing unit 132. Smart card reader 
200 can support a plurality of smart cards. 

By way of still further example, a universal serial bus (USB) port 204 may 
also be coupled to bus 136, as applicable, to support smart card readers and/or 
other types of portable token devices 206. The basic notion of the portable token 
device is that it can be provided by the user to one or more computer systems 
when required to support cryptographic functions or encryption-based 
authentication functions. 

Fig. 2 is a block diagram depicting an exemplary smart card 202. As 
shown, smart card 202 includes a connector 204 coupled to an onboard controller 
or processor 206. Processor 206 is further coupled to an onboard memory 208. 
Memory 208 is typically a non-volatile memory that allows smart card 202 to be 
moved around from machine to machine without loss of data. Processor 206 is 
responsive to instructions provided via memory 208 and/or computer 130 when 
smart card 202 is powered on. 

Given this configuration, smart cards can be configured to provide 
significant security for cryptographic keys. Additional security can be provided 
by requiring the user to enter additional security or identifying data (e.g., a 
personal identification number (PIN) or string, personal and/or other biometric 
information/data) in computer 130 when attempting to activate or otherwise access 
the services provided for by smart card 202. For example, the card holder may be 
required to enter a PIN to activate the private key, or have their fingerprint 
scanned. As token carriers, smart card 202 preferably holds at least one 
asymmetric key pair. In the discussion that follows, it is assumed that smart card 
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202 is limited to providing a digital signature for an input string, for example, 
based on an asymmetric key pair therein. 

Conventional authentication/logon processes have typically relied on 
cryptographic techniques to authenticate users. By way of example, a user is 
usually required to supply a user ID and a "secret" password (PW). The password 
(PW) or some derivative thereof can then be used to encrypt a key (K) using a 
conventional encryption function. Key K is a string that is itself used to encrypt a 
data block D. Data block D can contain any type of data, including logon data, 
various data files, permissions, etc. Thus, to subsequently access data block D or 
portions thereof, password PW must be provided and used to first decrypt key K. 
Once key K has been decrypted, data block D can be decrypted and accessed. 
The computer would therefore store E(D)k and E(K)pw, wherein E is an 
encryption function. 

Certain logon processes also store and utilize a cryptographic hash H(PW) 
of password PW. H(PW) is generated by a one-way hashing function. When a 
user attempts to logon, the newly entered password PW is hashed and the results 
are compared to the stored H(PW) to authenticate the user. Thus, if the compared 
hash values match, then E(K)pw is decrypted and then E(D)k is decrypted. The 
user then has access to data block D or is otherwise authenticated to access the 
computing resources. 

A smart card that does provide encryption capabilities can be used in place 
of the E(K)pw operation. For example, a user would provide a user ID and 
personal identification number (PIN). The PIN can be any string of information, 
and as such is not limited to numbers as its name infers. The PIN is provided to 
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the smart card and enables the smart card to perform generate key K, which can 
then be used to decrypt E(D)k. 

However, certain smart card implementations are Hmited to only generating 
digital signatures of an input string. As such, these signature-generating devices 
are unable to generate key K, as defined above. As described below, such 
limitations can prevent users fi:om accessing the computer in certain situations. 

Let us assume that the user is attempting to logon to a computer network 
through a remote computer having a smart card reader, and that the user wants to 
access data on the remote computer. In this example, the computer network 
includes a domain controller or like arrangement that authenticates users that can 
access various resources including the remote computer. 

When the remote computer is operatively connected to the domain 
controller, the domain controller sends a challenge (C) to the remote computer as 
part of the logon process. The remote computer responds with a signature S(C) of 
challenge C generated by the smart card and a digital certificate. The domain 
controller then responds with decrypted data block (or at least a portion thereof 
associated with the logon process), upon authentication of the signature S(C) and 
the digital certificate. 

However, if the remote computer is not operatively connected to the 
domain controller, then the user would not be able to logon using a smart card that 
is limited to generating signatures. 

Thus, as mentioned above there is a need for improved methods and 
arrangements that allow signature-generating devices to support encryption-based 
authentication processes, such as, for example, a logon process. 
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The novel methods and arrangements described herein are capable of 
tuming a signature generating operation into an encryption operation that can be 
used to derive a key K for use in the encryption and decryption processes. 

Fig. 3 is a block diagram depicting an initial process 300 for initially setting 
up the various methods and arrangements and encrypting data. In step 302, a 
computer generates a random value (Rl), computes a cryptographic hash H(R1) of 
random number Rl and builds a data block (D) that includes random value Rl and 
hash H(R1). In step 304, the computer generates additional random values (R2) 
and (R3). In step 306, the computer provides a string that includes random value 
R2 to the smart card. In response, the smart card digitally signs the string and 
returns a signature S(R2) to the computer. Since S(R2) is the output of a private 
key operation, not all of the bits will be uniformly random. Consequently, in this 
example, random value R3 is used to further increase the security of the overall 
encryption process. Thus, in step 308, the computer computes an encryption key 
(K) by cryptographically hashing S(R2) combined with random value R3 (e.g., K 
= H(S(R2)|R3), or K = H(R3| S(R2))). In step 310, the resulting key K is then 
used to encrypt data block D. In step 312, the computer stores encrypted data 
block E(D)k, and random values R2 and R3. 

In the logon example above, the remote computer will have encrypted data 
block E(D)k, and stored random values R2 and R3. Thus, during a logon process, 
when logon information within data block D is required, the signature-generating 
smart card will be able to support the decryption process. 

Fig. 4 is a flow-chart depicting a decryption process 400. In step 402, the 
computer accesses the encrypted data block E(D)k, and stored random values R2 
and R3. In step 404, the computer provides a string including random value R2 to 
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the signature-generating smart card. In response, the smart card digitally signs the 
string and returns a signature TS(R2) to the computer. In step 406, the computer 
computes a decryption key (TK) by cryptographically hashing TS(R2) combined 
with random value R3 (e.g., K - H(TS(R2)|R3), or K = H(R31TS(R2)). In step 
408, the resulting key TK is then used to decrypt data block E(D)k and thereby 
reproduce data block D. 

Step 410, which is optional, provides additional security checking by 
having the computer further generate a cryptographic hash of the decrypted 
random value Rl that was included in data block D. The resulting hash value is 
then compared to decrypted hash value H(R1). A match further verifies that key 
TK was the correct key. 

In accordance with still other exemplary implementations, a simpler 
method having reduced security is provided that does not require as many random 
values. Here, the Encryption Key = HASH(Signature(Rl),R2)is instead 
Encryption Key = Signature(Rl), or Encryption Key = some other derivative of 
(Signature(Rl)). This is like to picking the first/last N bits from the signature 
itself. 

Similarly, there's no reason other than verification to have redundancy in 
the encrypted packet. In certain implementations described above, the Encrypted 
Packet = Encrypted (R3, Hash(R3)),such that if any bit of the encrypted packet is 
altered, one will know since the R3 <-> Hash(R3) link would go bad. Similarly, a 
failure would occur if the decryption is attempted with the wrong key. 

However, a simpler implementation may be employed in certain situations. 
For example, an Encrypted Packet = Encrypted(R3) or an Encrypted Packet = 
Encrypted( User Data ) may be employed, so as to forego the extra security 
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checking and/or encrypt the user data directly. One drawback, of course, to this 
simpler approach is that the added security of the R3 <-> Hash(R3) link would be 
missing. Nevertheless, this may be appropriate for certain arrangements. 

Using the above methods and arrangements, therefore, a signature- 
generating smart card or other like device is able to support encryption-based 
authentication processes within a computer and/or computer network environment. 
For example, the methods and arrangements allow users to logon and access 
encrypted data through portable computers that are intermittently connected to an 
enterprise network, without requiring a smart card that supports more advanced 
encryption processes. 

For further information on cryptography techniques, readers are directed to 
available texts, such as, for example, Applied Cryptography Second Edition^ by 
Bruce Schneier, published by John Wiley & Sons, Inc., 1996, which is 
incorporated herein by reference and for all purposes. 

Those skilled in the art will further recognize that the above methods and 
arrangements may be adapted for use in enforcing cached logons 
in a significantly secure maimer. For example, the above exemplary methods can 
be used to complete the client-side of an encryption-based authentication round as 
described above and may also be used to have a signature-based smart card or like 
device generate a key that unlocks secrets (i.e., data) that are held encrypted 
locally. Without this mechanism it isn't clear how such a "signature-only" device 
could possibly be used to encrypt a local cache securely. 

Although some preferred embodiments of the various methods and 
arrangements of the present invention have been illustrated in the accompanying 
Drawings and described in the foregoing Detailed Description, it will be 
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understood that the invention is not Hmited to the exemplary embodiments 
disclosed, but is capable of numerous rearrangements, modifications and 
substitutions without departing from the spirit of the invention as set forth and 
defined by the following claims. 



Lee & Hayes. PLLC 



14 



MSI -503 US PA TAP? DOC 



CLAIMS 

What is Claimed is: 

1 . A method comprising: 
selectively hashing a first data string; 
digitally signing a second data string; and 

generating an encryption key based on the digitally signed second data 
string and a third data string. 

2. The method as recited in Claim 1, further comprising: 
selectively encrypting data using the encryption key. 

3. The method as recited in Claim 2, wherein the data includes the hash 
of the first data string. 

4. The method as recited in Claim 2, wherein the data includes the first 
data string. 

5. The method as recited in Claim 4, further comprising: 

storing the encrypted data, the second data string and the third data string. 

6. The method as recited in Claim 5, wherein the encrypted data, the 
second data string and the third data string are each stored in memory. 

7. The method as recited in Claim 5, wherein the encrypted data, the 
second data string and the third data string are each stored on a storage medium. 
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8. The method as recited in Claim 1, wherein generating at least a 
portion of the encryption key further includes cryptographically hashing at least a 
portion of the digitally signed second data string combined with at least a portion 
of the third data string. 

9. The method as recited in Claim 8, wherein generating the encryption 
key further includes cryptographically hashing the digitally signed second data 
string concatenated with the third data string. 

10. The method as recited in Claim 8, wherein generating the encryption 
key further includes cryptographically hashing the third data string concatenated 
with the digitally signed second data string. 

11. The method as recited in Claim 1, wherein at least one data string 
selected from among the first data string, the second data string and the third data 
string includes a substantially randomly generated data string. 

12. The method as recited in Claim 1, wherein the first data string, the 
second data string and the third data string are each generated by a first device that 
is configured to selectively hash the first data string and generate the encryption 
key. 

13. The method as recited in Claim 1, wherein a second device digitally 
signs the second data string. 
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14. The method as recited in Claim 13, wherein the second device 
includes a signature-generating device. 

15. The method as recited in Claim 14, wherein the signature-generating 
device is a smart card, 

16. A computer-readable medium having computer-executable 
instructions for performing steps comprising: 

selectively hashing a first data string; 
digitally signing a second data string; and 

generating an encryption key based on the digitally signed second data 
string and a third data string. 

17. The computer-readable medium as recited in Claim 16, further 
comprising computer-executable instructions for: 

selectively encrypting data using the encryption key. 

18. The computer-readable medium as recited in Claim 17, wherein the 
data includes the hash of the first data string. 

19. The computer-readable medium as recited in Claim 17, wherein the 
data includes the first data string. 
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20. The computer-readable medium as recited in Claim 19, further 
comprising computer-executable instructions for: 

storing the encrypted data, the second data string and the third data string. 

21. The computer-readable medium as recited in Claim 20, wherein the 
encrypted data, the second data string and the third data string are each stored in 
memory. 

22. The computer-readable medium as recited in Claim 20, wherein the 
encrypted data, the second data string and the third data string are each stored on a 
storage medium. 

23. The computer-readable medium as recited in Claim 16, wherein 
generating at least a portion of the encryption key further includes 
cryptographically hashing at least a portion of the digitally signed second data 
string combined with at least a portion of the third data string. 

24. The computer-readable medium as recited in Claim 23, wherein 
generating the encryption key further includes cryptographically hashing the 
digitally signed second data string concatenated with the third data string. 

25. The computer-readable medium as recited in Claim 23, wherein 
generating the encryption key further includes cryptographically hashing the third 
data string concatenated with the digitally signed second data string. 
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26. The computer-readable medium as recited in Claim 16, wherein at 
least one data string selected from among the first data string, the second data 
string and the third data string includes a substantially randomly generated data 
string. 

27. The computer-readable medium as recited in Claim 16, wherein the 
first data string, the second data string and the third data string are each generated 
by a first device that is configured to selectively hash the first data string and 
generate the encryption key. 

28. The computer-readable medium as recited in Claim 16, wherein a 
second device digitally signs the second data string. 

29. The computer-readable medium as recited in Claim 28, wherein the 
second device includes a signature-generating device. 

30. The computer-readable medium as recited in Claim 29, wherein the 
signature-generating device is a smart card. 

31. An arrangement comprising: 

first logic configured to selectively hash a first data string; 

second logic operatively coupled to the first logic and configured to 
digitally sign a second data string; and 

wherein the first logic is further configured to generate an encryption key 
based on the digitally signed second data string and a third data string. 
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32. The arrangement as recited in Claim 31, wherein the first logic is 
further configured to selectively encrypt data using the encryption key. 

33. The arrangement as recited in Claim 32, wherein the data includes 
the hash of the first data string. 

34. The arrangement as recited in Claim 32, wherein the data includes 
the first data string. 

35. The arrangement as recited in Claim 34, wherein the first logic is 
further configured to store the encrypted data, the second data string and the third 
data string. 

36. The arrangement as recited in Claim 35, further including memory 
operatively coupled to the first logic, and wherein the first logic stores the 
encrypted data, the second data string and the third data string are in the memory. 

37. The arrangement as recited in Claim 35, further including a data 
storage device having at least one storage medium, the data storage device being 
operatively coupled to the first logic, and wherein the first logic provides the 
encrypted data, the second data string and the third data string to the storage 
device for storage on a storage medium. 
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38. The arrangement as recited in Claim 31, wherein the first logic is 
further configured to cryptographically hash at least a portion of the digitally 
signed second data string combined with at least a portion of the third data string. 

39. The arrangement as recited in Claim 38, wherein the first logic is 
further configured to cryptographically hash the digitally signed second data string 
concatenated with the third data string. 

40. The arrangement as recited in Claim 38, wherein the first logic is 
further configured to cryptographically hash the third data string concatenated 
with the digitally signed second data string. 

41. The arrangement as recited in Claim 31, wherein at least one data 
string selected from among the first data string, the second data string and the third 
data string includes a substantially randomly generated data string. 

42. The arrangement as recited in Claim 3 1 , wherein the first data string, 
the second data string and the third data string are each generated by the first logic. 

43. The arrangement as recited in Claim 31, wherein the second logic is 
provided within a smart card. 

44. A method comprising: 
accessing a plurality of stored data strings; 
digitally signing a second data string; and 
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generating an encryption key based on the digitally signed second data 
string and a third data string. 

45. The method as recited in Claim 44, further comprising: 
accessing encrypted data; and 

decrypting the encrypted data using the encryption key. 

46. The method as recited in Claim 45, wherein the resulting decrypted 
data includes a first data string. 

47. The method as recited in Claim 46, wherein the resulting decrypted 
data includes a hash of the first data string. 

48. The method as recited in Claim 45, wherein accessing the plurality 
of stored data strings and accessing the encrypted data further includes reading a 
memory. 

49. The method as recited in Claim 45, wherein accessing the plurality 
of stored data strings and accessing the encrypted data further includes reading 
data from at least one storage medium. 

50. The method as recited in Claim 44, wherein generating at least a 
portion of the encryption key further includes cryptographically hashing at least a 
portion of the digitally signed second data string combined with at least a portion 
of the third data string. 
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51. The method as recited in Claim 50, wherein generating the 
encryption key further includes cryptographically hashing the digitally signed 
second data string concatenated with the third data string. 

52. The method as recited in Claim 50, wherein generating the 
encryption key further includes cryptographically hashing the third data string 
concatenated with the digitally signed second data string. 

53. The method as recited in Claim 44, wherein at least one data string 
selected from among the first data string, the second data string and the third data 
string includes a substantially randomly generated data string. 

54. The method as recited in Claim 44, wherein the first data string, the 
third data string, and the encrypted data are each accessed by a first device that is 
configured to selectively hash the first data string and generate the encryption key. 

55. The method as recited in Claim 44, wherein a second device 
digitally signs the second data string. 

56. The method as recited in Claim 55, wherein the second device 
includes a signature-generating device. 

57. The method as recited in Claim 56, wherein the signature-generating 
device is a smart card. 
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58. A computer-readable medium having computer-executable 
instructions for performing steps comprising: 

accessing a plurality of stored data strings; 
digitally signing a second data string; and 

generating an encryption key based on the digitally signed second data 
string and a third data string. 

59. The computer-readable medium as recited in Claim 58, further 
comprising computer-readable medium having computer-executable instructions 
for: 

accessing encrypted data; and 

decrypting the encrypted data using the encryption key. 

60. The computer-readable medium as recited in Claim 59, wherein the 
resulting decrypted data includes a first data string. 

61. The computer-readable medium as recited in Claim 60, wherein the 
resulting decrypted data includes a hash of the first data string. 

62. The computer-readable medium as recited in Claim 59, wherein 
accessing the plurality of stored data strings and accessing the encrypted data 
further includes reading a memory. 
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63. The computer-readable medium as recited in Claim 59, wherein 
accessing the plurality of stored data strings and accessing the encrypted data 
further includes reading data from at least one storage medium. 

64. The computer-readable medium as recited in Claim 58, wherein 
generating at least a portion of the encryption key fiirther includes 
cryptographically hashing at least a portion of the digitally signed second data 
string combined with at least a portion of the third data string. 

65. The computer-readable medium as recited in Claim 64, wherein 
generating the encryption key fiirther includes cryptographically hashing the 
digitally signed second data string concatenated with the third data string. 

66. The computer-readable medium as recited in Claim 64, wherein 
generating the encryption key fiirther includes cryptographically hashing the third 
data string concatenated with the digitally signed second data string. 

67. The computer-readable medium as recited in Claim 58, wherein at 
least one data string selected from among the first data string, the second data 
string and the third data string includes a substantially randomly generated data 
string. 
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68. The computer-readable medmm as recited in Claim 58, wherein the 
first data string, the third data string, and the encrypted data are each accessed by a 
first device that is configured to selectively hash the first data string and generate 
the encryption key. 

69. The computer-readable medium as recited in Claim 58, wherein a 
second device digitally signs the second data string. 

70. The computer-readable medium as recited in Claim 69, wherein the 
second device includes a signature-generating device. 

71. The computer-readable medium as recited in Claim 70, wherein the 
signature-generating device is a smart card. 

72 . An arrangement comprising: 

first logic configured to access a plurality of stored data strings; 

second logic cooperatively coupled to the first logic and configured to 
digitally sign a second data string; and 

wherein the first logic is fiirther configured to generate an encryption key 
based on the digitally signed second data string and a third data string. 

73. The arrangement as recited in Claim 72, wherein the first logic is 
fiirther configured to: 

access encrypted data; and 

decrypt the encrypted data using the encryption key. 
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74. The arrangement as recited in Claim 73, wherein the resulting 
decrypted data includes a first data string. 

75. The arrangement as recited in Claim 74, wherein the resulting 
decrypted data includes a hash of the first data string. 

76. The arrangement as recited in Claim 73, further comprising memory 
operatively coupled to the first logic, and wherein the first logic reads the plurality 
of stored data strings and the encrypted data from the memory. 

77. The arrangement as recited in Claim 73, further comprising a data 
storage device having at least one storage medium, and wherein the first logic 
reads the plurality of stored data strings and the encrypted data from the storage 
medium. 

78. The arrangement as recited in Claim 72, wherein the first logic is 
further configured to generate at least a portion of the encryption key by 
cryptographically hashing at least a portion of the digitally signed second data 
string combined with at least a portion of the third data string. 

79. The arrangement as recited in Claim 78, wherein the first logic is 
further configured to generate the encryption key by cryptographically hashing the 
digitally signed second data string concatenated with the third data string. 



Lee & Hayes. PLLC 



27 



MS1-503US PATAPP DOC 



80. The arrangement as recited in Claim 78, wherein the first logic is 
further configured to generate the encryption key by cryptographically hashing the 
third data string concatenated with the digitally signed second data string. 

81. The arrangement as recited in Claim 72, wherein at least one data 
string selected from among the first data string, the second data string and the third 
data string includes a substantially randomly generated data string. 

82. The arrangement as recited in Claim 72, wherein the second logic is 
provided within a smart card. 
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ABSTRACT 

Methods and arrangements are provided that allow a smart card having 
digital signing capabilities to support an encryption-based authentication process. 
In one exemplary method, the smart card is configured to interface with a personal 
computer. During a set-up process, the personal computer generates a plurality of 
random values and selectively hashes at least one of the random values. The smart 
card then digitally signs another one of the random values to produce a 
corresponding digital signature, for example, using a private key. The personal 
computer then generates a key based on the digital signature and at least one of the 
random values, for example, by further hashing the digital signature concatenated 
with the random number. The resulting key is then used by the personal computer 
to selectively encrypt data. During a subsequent use, the smart card is required to 
once again digitally sign the random number to produce a corresponding digital 
signature. The personal computer then uses the resulting digital signature to 
compute a key that can be used to decrypt the previously encrypted data. 



Lee & Hayes. PLLC 



29 



MSI -503 US PAT APP DOC 



MS1-503US 




MS1-503US 



202 



204 



Connector 



206 



Processor 



208 



Memory 



2 



302 



Build a data block D that includes a random value (R1) and 
the cryptographic hash H(R1 ) of random value R1 



304 



Generate random values R2 and R3 



306 



Using a signature-generating device, generate a signature 
S(R2) by digitally signing a string containing random value 

R2 



308 



Compute an encryption key K = H(S(R2) | R3) 



310 



Encrypt data block D using key K 



312 



Store encrypted data block E(D)^ and 
random values R2 and R3 
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Access stored encrypted data block E{D)^ and 
randonn values R2 and R3 
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Using a signature-generating device, generate a signature 
TS(R2) by digitally signing a string containing a stored 
random value R2 
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Connpute an decryption key TK = H(TS(R2) | R3) 



408 



Decrypt E(D)^ using TK 



410 



Generate a cryptographic hash of the recovered randonn 
number R1 (from decrypted data block D) and compare it 
with the recovered H(R1) within decrypted data block D 
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